Getting Data In

Community Activity

What could be causing Splunk to log my data under the wrong hostname? Hello, I recently added my meraki appliance as a datasource on my Splunk instance (reading from a file that syslog-n... by lacrosse1991 Explorer in Getting Data In 05-14-2017 0 5	0	5
How to extract Fields custom JSON File in Splunk I have custom JSON File on Splunk but SPATH command is not able to extract the fields from the data. Can any one sugg... by ashish9433 Communicator in Getting Data In 05-13-2017 0 1	0	1
Save token values so they can persist beyond session timeout I have a dashboard, where I can select a number of items from a list of many thousand. These selected items are added... by bowesmana SplunkTrust in Getting Data In 05-13-2017 0 4	0	4
How to get Splunk know the Account name when the Local or Global Group changed in Windows server 2008? Hi all, I found a problem when I migrate Splunk from Windows server 2003 to Windows server 2008. I created a alert f... by zyxcc New Member in Getting Data In 05-13-2017 0 1	0	1
How do I capture unique API list my application is using through Splunk? I have paths like this: https://100.100.100.100:8080/rest/config/L3UCPE-API:services/service-list/{uniqueId}/ https:... by vijaydudipala88 New Member in Getting Data In 05-12-2017 0 5	0	5
How often indexes or sourcetypes are being searched? Hi All, I'd like to create a report that shows how often users are performing searches against indexes, or even sou... by jguzowski Engager in Getting Data In 05-12-2017 1 2	1	2
Why am I unable to see the forwarder but data is being received? Hi, I setup a forwarder on a linux server and setup Splunk to listen on port 9997 and I added the index name (cisco) ... by Lenval06 Engager in Getting Data In 05-12-2017 0 6	0	6
How to delete an app listing on Splunkbase? How do I delete or remove my app from Splunkbase? by wnguyen Splunk Employee in Getting Data In 05-12-2017 0 1	0	1
Why has Splunk stopped real time monitoring of log files? I have my Splunk configured to monitor 3 directories, there our simulator keeps placing new .log files. It used to w... by coronelfoca Explorer in Getting Data In 05-12-2017 0 14	0	14
Windows Server 2016: Support by Splunk Enterprise & Universal Forwarder Server 2016 was released approximately 6 months ago, but it is still not listed as a supported OS on the system requi... by helge Builder in Getting Data In 05-12-2017 0 4	0	4
How to change sourcetype on indexer based on the value of source? Hi, My data flows in from the forwarder where index=idx1 and sourcetype=sourcetypeA have been set using inputs.conf.... by deepak02 Path Finder in Getting Data In 05-12-2017 0 7	0	7
How do I pull service status for Windows in an efficient manner? I know the WinHostMon input can be used to poll the status of all the services on a host, but it also outputs a lot o... by fairje Communicator in Getting Data In 05-12-2017 0 1	0	1
Why is the Universal Forwarder also sending internal logs when only told to send certain data to different indexer via _TCP_ROUTING in inputs.conf? We have a single inputs.conf stanza that sends the data from "targetLog.log" to a different indexer, "indexerB", than... by quasikaze Explorer in Getting Data In 05-12-2017 0 6	0	6
Windows Server 2016 compatibility Hello Where can I find Information about Windows Server 2016 compatibility (universal forwarder)? Regards by nicocin Path Finder in Getting Data In 05-12-2017 4 15	4	15
running down indexer congestion problems Hi, I'm running into occasional errors from one of my indexers reporting "skipped indexing of internal audit event w... by tgiles Path Finder in Getting Data In 05-12-2017 0 3	0	3
disable all inputs Hello, I'd like to disable all the input on the Splunk_TA_microsoft_ad, is there a handy way to do this? for exampl... by sassens1 Path Finder in Getting Data In 05-12-2017 0 3	0	3
How to check if Heavy Forwarder is autoload balancing properly ? I am forwarding some logs from a Heavy Forwarder to 2 indexers. I want to check if forwarder is balancing load/distr... by abhinav_maxonic Path Finder in Getting Data In 05-11-2017 0 2	0	2
How to find out what the default settings sourcetype that Splunk has set to for a data file in Splunk 6.2+ Hi, I have a log file that I need to import into Splunk and I want to get it as efficient as possible, as there is a... by BlueSocket Contributor in Getting Data In 05-11-2017 0 2	0	2
CSV inconsistent field value Hello Splunkers, So I have this csv file that a certain field contains 10+ numbers. Please see sample image below: ... by lloydknight Builder in Getting Data In 05-11-2017 0 5	0	5
why my indexers are indexing more than the hotdata maxVolumeDataSizeMB Hi, I'm facing some issue that our indexers are not following the local indexes.conf settings in my local indexes.co... by skuma30 New Member in Getting Data In 05-11-2017 0 3	0	3
Cisco ironport syslog broken pipe Hello I configured Splunk to handle TCP syslog from ironport appliances: [tcp://514] connection_host = dns index = ... by sassens1 Path Finder in Getting Data In 05-11-2017 1 1	1	1
How to configure Splunk to index a one line JSON file with 55,000 characters? I have been trying to index a one line JSON file with 55,000 characters in a single line. Splunk seems to cut it off ... by khhenderson Path Finder in Getting Data In 05-11-2017 1 4	1	4
sending AIX audit log stream to splunk I was having major issues getting splunk to work with the "text" file that we are pushing all AIX commands to. Origi... by jfraiberg Communicator in Getting Data In 05-11-2017 4 3	4	3
Index only the first line and ignore the rest. Hello I have few files for which I want to index just the first line and ignore everything else as its purely being ... by theouhuios Motivator in Getting Data In 05-11-2017 0 5	0	5
How to filter the data in my log before indexing? HI I have a scenario where I need to filter the data present in a log. I need to index only the last line from that l... by Tejkumar451 Explorer in Getting Data In 05-11-2017 0 3	0	3